Field Name |
Description |
---|---|
event_result |
The result value of the expressed event information. This is normally set to “S” for success or “F” for failure. In some instances there are other options provided (Accepted, Dropped, Rejected) for this field. |
result_string |
A descriptive string which describes what action is expressed in this event. This field is occasionally provided by the vendor. |
result_signature |
The signature is the name of the virus or name of the IDS signature that was matched. For other types of events that do not use signature-based matching this field would be blank. |
result_code |
The return code expressed in the event information. This field is normally populated for failed events. |
result_version |
The version of signature expressed in the result_signature field. |
result_priority |
The priority of the expressed event information. |
result_scope |
The scope of the expressed event information. |
result_severity |
The severity of the expressed event information. |
Copyright © 2013 CA.
All rights reserved.
|
|